CVE-2025-0107— Expedition: OS Command Injection Vulnerability
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2025-0107
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Expedition: OS Command Injection Vulnerability
Source: NVD (National Vulnerability Database)
Vulnerability Description
An OS command injection vulnerability in Palo Alto Networks Expedition enables an unauthenticated attacker to run arbitrary OS commands as the www-data user in Expedition, which results in the disclosure of usernames, cleartext passwords, device configurations, and device API keys for firewalls running PAN-OS software.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
OS命令中使用的特殊元素转义处理不恰当(OS命令注入)
Source: NVD (National Vulnerability Database)
Vulnerability Title
Palo Alto Networks Expedition 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Palo Alto Networks Expedition是美国Palo Alto Networks公司的一种有助于配置迁移、调优和丰富的工具。 Palo Alto Networks Expedition存在安全漏洞。攻击者利用该漏洞可以以 Expedition 中的 www-data 用户身份运行任意操作系统命令,从而导致运行 PAN-OS 软件的防火墙的用户名、明文密码、设备配置和设备 API 密钥泄露。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Shenlong Deep Dive — AI Deep Analysis
10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Palo Alto Networks | Cloud NGFW | - | - | |
| Palo Alto Networks | Expedition | 1 ~ 1.2.100 | - | |
| Palo Alto Networks | Panorama | - | - | |
| Palo Alto Networks | PAN-OS | - | - | |
| Palo Alto Networks | Prisma Access | - | - |
II. Public POCs for CVE-2025-0107
| # | POC Description | Source Link | Shenlong Link |
|---|---|---|---|
| 1 | An OS command injection vulnerability in Palo Alto Networks Expedition enables an unauthenticated attacker to run arbitrary OS commands as the www-data user in Expedition, which results in the disclosure of usernames, cleartext passwords, device configurations, and device API keys for firewalls running PAN-OS software. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2025/CVE-2025-0107.yaml | POC Details |
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2025-0107
请登录查看更多情报信息。
Same Patch Batch · Palo Alto Networks · 2025-01-11 · 5 CVEs total
| CVE-2025-0103 | Expedition: SQL Injection Vulnerability | |
| CVE-2025-0104 | Expedition: Cross-Site Scripting (XSS) Vulnerability | |
| CVE-2025-0105 | Expedition: Arbitrary File Deletion Vulnerability | |
| CVE-2025-0106 | Expedition: Wildcard Expansion Vulnerability |
IV. Related Vulnerabilities
Same product: Cloud NGFW
- CVE-2026-0256
PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in t - CVE-2026-0257
PAN-OS: GlobalProtect Authentication Bypass Vulnerabilities - CVE-2026-0258
PAN-OS: Server-Side Request Forgery (SSRF) in IKEv2 Certific - CVE-2026-0261
PAN-OS: Authenticated Admin Command Injection Vulnerability - CVE-2026-0262
PAN-OS: Denial of Service Vulnerabilities in Network Traffic
Same vendor: Palo Alto Networks
- CVE-2026-0243
Prisma SD-WAN: Denial of Service (DoS) Vulnerability Through - CVE-2026-0248
Prisma Access Agent: Improper Certificate Validation Vulnera - CVE-2026-0242
Trust Protection Foundation: SQL Injection Vulnerability - CVE-2026-0244
Prisma SD-WAN: Improper Certificate Validation Vulnerability - CVE-2026-0241
Trust Protection Foundation: Multiple Authorization Bypass V
Same weakness: CWE-78
V. Comments for CVE-2025-0107
No comments yet